Overview

overview

8

Static

static

b6ff91d379...19.exe

windows7-x64

8

b6ff91d379...19.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    b6ff91d3793e3ebae2e04dd96a130922c01836bba967c189191b907c6e866419

  • Size

    412KB

  • Sample

    221203-r2atkahf78

  • MD5

    a49e757cccb3737ce8be3560637fb902

  • SHA1

    e267807616f942883d4be1b15de7150125fa0f79

  • SHA256

    b6ff91d3793e3ebae2e04dd96a130922c01836bba967c189191b907c6e866419

  • SHA512

    fe67b2200530274c3dca11d652fad32e32a4b3aedc0c759603ac8770bb9006f6160a36b06238ba138fc7d2c0d508205b83ba4648ef231b9e11fbadeb3589cd37

  • SSDEEP

    12288:l/OiT9PLWQhwpgIjA/t5tV8xjsgBov6/vYXubE/aPE:eQ7/0jdA

Score
8/10
persistence

Malware Config

Targets

    • Target

      b6ff91d3793e3ebae2e04dd96a130922c01836bba967c189191b907c6e866419

    • Size

      412KB

    • MD5

      a49e757cccb3737ce8be3560637fb902

    • SHA1

      e267807616f942883d4be1b15de7150125fa0f79

    • SHA256

      b6ff91d3793e3ebae2e04dd96a130922c01836bba967c189191b907c6e866419

    • SHA512

      fe67b2200530274c3dca11d652fad32e32a4b3aedc0c759603ac8770bb9006f6160a36b06238ba138fc7d2c0d508205b83ba4648ef231b9e11fbadeb3589cd37

    • SSDEEP

      12288:l/OiT9PLWQhwpgIjA/t5tV8xjsgBov6/vYXubE/aPE:eQ7/0jdA

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks